• 1 Post
  • 7 Comments
Joined 1 year ago
cake
Cake day: July 4th, 2023

help-circle

  • I am not concerned at all, mostly because I do not think that they have taken any anti-user actions recently.

    There is no circumstance, where I as a user, either as a personal user or in my professional capacity as someone running production systems, am affected by their source code decision. It’s only an issue if I decide I want to release a Green Hat Linux AND I want to be their customer.

    The GPL does not force them to do business with me, and it does NOT require them to distribute source to me if they did not distribute the software to me. Many people may consider this move against the spirit of the GPL, and I think that’s what is causing most of the anger. Well maybe it’s time for a new GPL then that codifies that and explicitly says that, and start the herculean effort of driving adoption of that new license. It didn’t go well for GPLv3 or AGPL.

    Now the Fedora telemetry proposal… is just that, a proposal. They are being transparent about “hey we are considering this, what do y’all think?”. Well, they’re certainly getting feedback on what the community thinks about that.

    Here, people are angry that they are even considering the idea of telemetry. This is understandable. People treat telemetry like it’s a dirty word, because Microsoft and co. have made it so. Telemetry can be used for nefarious purposes, there is no doubt about that.

    I believe that telemetry can be a good thing when it is done correctly. The question of whether the box should be checked by default is an important one, they need to be careful that users actually understand and having it enabled is an informed decision and not something they click past without comprehending. As long as the data collected is restricted, strictly filtered to avoid fingerprinting and leaking user data, this can be used to improve the software. Without any data on how your users experience your software, you are flying blind and throwing darts at your codebase trying to make improvements. The people filing bugs are usually not representative of the average user or their experience. Basic information like “does anyone even use this” or “how reliable is this feature” can help them prioritize their efforts.

    I’ll take a trust but verify approach on this. The client side code of Fedora is all open source, so if I have concerns I can take a look at exactly what it is doing and raise the alarm if there’s problems. I’m sure someone will make a Fedora De-telemetrified Spin I can switch to in that case. After all Fedora is not RHEL, their source issue is orthogonal to this one.

    If you made it this far, you may think I made some reasonable points… or you think I’m on Red Hat’s payroll (I’m not). Well, I gave it straight as asked, this is how I feel. I’m a user if both RHEL and Fedora and I’m not planning to change that anytime soon.







  • I think it’s fine. Actually, I think it’s even a good idea. As long as they are upfront with users and get consent and let them opt-out at any time.

    I have been the person to implement telemetry in an app, and when done correctly it can really be useful for making the experience better for everyone. It doesn’t always have to be about monetization and ads and tracking you across the web. Without data, you’re flying blind, you rely on users to self-report data to you and that selects for the more technical, knowledgeable users, who may not be having an experience that is representative of your average user.

    Some real examples: I added monitoring for the type of exceptions thrown and how often they occur. When we push updates, we have alerts that fire and stop the update if the client error rate increases with the new version. Another is the browser or OS type and version, not the full user agent either, a redacted version to avoid fingerprinting. This helps us determine if it’s safe to start using a new API or standard. Other things we monitored were performance related, like measuring the time from app open to when it has actually loaded data and become responsive. That helped us catch some regressions or determine if improvements we made actually made a difference in the real world. None of this was ever used for ads or for tracking users, it was all for making our app better.

    To me, it looks like this is what Fedora has in mind, not something malicious. With the client side code open source, we can trust but verify.